CVE-2025-27217

Summary

A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with certain permissions to make requests outside of UISP Application scope.

Affected Software

VendorProductVersion RangeStatus
Ubiquiti IncUISP Application2.4.220 < 2.4.220affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References